kingoamino/Conf_SFTP

## Conf_SFTP
** 1. SFTP Installation **

---- $ rpm -qa|grep ssh

** 2. SFTP Configuration **

Create sftp folder
---- $ mkdir -p /var/sftp
---- $ chmod 755 /var/sftp

create a group and user so that we can manage all user that shall get SFTP access.
---- $ groupadd sftpusers
---- $ useradd -g sftpusers -d /upload -s /sbin/nologin mysftpuser
---- $ passwd mysftpuser

Create the /upload folder under /var/mysftpuser, then assign appropriate ownership to the folder.
---- $ mkdir -p /var/sftp/upload
---- $ chown -R root:sftpusers /var/sftp
---- $ chown -R mysftpuser:sftpusers /var/sftp/upload

Once done, verify that the new folder under the directory /data exists and that we made the configuration correct.

---- $ ls -ld /dev/sftp
       drwxr-xr-x. 3 root sftpusers 20 Mar 22 14:29 /dev/sftp
---- $ ls -ld /data/sftp/upload
       drwxr-xr-x. 2 mysftpuser sftpusers 6 Mar 22 14:29 /data/mysftpuser/upload
---- $ cat /etc/passwd|grep sftp
       mysftpuser:x:1001:1001::/upload:/sbin/nologin

Configure the SSH protocol to create an SFTP process by editing the configuration file under /etc/ssh/sshd_config:
---- $ vim /etc/ssh/sshd_config
Add the following lines at the end of the file :

              .. Match Group sftpusers ..
              .. Match User ftpuser * ( if group not exist ) ..
              .. ChrootDirectory /var/sftp ..
              .. ForceCommand internal-sftp ..
              .. PasswordAuthentication yes ..
              .. PermitTunnel no ..
              .. AllowAgentForwarding no ..
              .. AllowTcpForwarding no ..
              .. X11Forwarding no ..

Restart the SSH services, below are the steps:
---- $ service sshd restart
	1. SFTP Installation

	---- $ rpm -qa\|grep ssh

	2. SFTP Configuration

	Create sftp folder
	---- $ mkdir -p /var/sftp
	---- $ chmod 755 /var/sftp

	create a group and user so that we can manage all user that shall get SFTP access.
	---- $ groupadd sftpusers
	---- $ useradd -g sftpusers -d /upload -s /sbin/nologin mysftpuser
	---- $ passwd mysftpuser

	Create the /upload folder under /var/mysftpuser, then assign appropriate ownership to the folder.
	---- $ mkdir -p /var/sftp/upload
	---- $ chown -R root:sftpusers /var/sftp
	---- $ chown -R mysftpuser:sftpusers /var/sftp/upload

	Once done, verify that the new folder under the directory /data exists and that we made the configuration correct.

	---- $ ls -ld /dev/sftp
	drwxr-xr-x. 3 root sftpusers 20 Mar 22 14:29 /dev/sftp
	---- $ ls -ld /data/sftp/upload
	drwxr-xr-x. 2 mysftpuser sftpusers 6 Mar 22 14:29 /data/mysftpuser/upload
	---- $ cat /etc/passwd\|grep sftp
	mysftpuser:x:1001:1001::/upload:/sbin/nologin

	Configure the SSH protocol to create an SFTP process by editing the configuration file under /etc/ssh/sshd_config:
	---- $ vim /etc/ssh/sshd_config
	Add the following lines at the end of the file :

	.. Match Group sftpusers ..
	.. Match User ftpuser * ( if group not exist ) ..
	.. ChrootDirectory /var/sftp ..
	.. ForceCommand internal-sftp ..
	.. PasswordAuthentication yes ..
	.. PermitTunnel no ..
	.. AllowAgentForwarding no ..
	.. AllowTcpForwarding no ..
	.. X11Forwarding no ..

	Restart the SSH services, below are the steps:
	---- $ service sshd restart